Now we’re live. Good day. Welcome to the broadcast. It’s Tuesday. It is Tuesday.
WordPress Architect
Welcome to the show. Welcome to the replay. I’m Tony. I am the web developer. I did put WordPress architect. I was trying to be fancy today. Oh, wow. I just noticed. Yeah, I actually updated my LinkedIn to say WordPress architect because I was like, that’s kind of what I am. I don’t design and develop things, but we build, you know. So I like that. Thank you. A ring to it.
Outdoor Work
We did some outdoor work today. We have a giant harvest, tons of cucumbers, tons of tomatoes. I can’t wait to make some Sunday gravy with those.
Yeah, we got our tomato plants doing really well. We have like probably over 15 tomatoes. I take them off when they’re green just because if not, they’re going to like bust open and get bad because can’t wait for them to turn red. Bugs will eat them. So a trick is to put them in a brown bag with a red apple and leave it in a dark place and it will turn red. It’s like a hack, a life hack.
Show Topic: WordFence
We’re going to be talking about open issues, it can also be called whistleblower. It’s more about security solutions for WordPress issues and more importantly, WordFence itself. We’re going to be going over installing it on 3tone Digital. I took it off so we can go through the whole process.
Installing WordFence
Let me share my screen and you’re going to see Three Tone Digital. The back end. Don’t hack it. So I took WordFence off. So you can hack our site right now. But I’m going to install it again to go through the process of installing it. But I want to go over what WordFence is first.
What is WordFence?
WordFence is actually a really great community of developers who work together and alert any critical alerts or vulnerabilities. It’s a plugin that you can install on your WordPress site that protects your site. It has a certain level of protection on it. Being part of the WordFence community, you can get alerts for any new updates, any new plugins. Long story short, it’s great to sign up for the alerts, but just a little tip: if you do, you get a lot of emails. So make sure you have a separate email.
Proactive vs Reactive Security
WordFence can be used reactively, which we’ll talk about in a second, but proactively is what we’re talking about more. You put it on your site, the alerts, it’s good to have if you have one site. You want to know if it’s going to be hacked or plugins or security patch. When you start getting multiple sites, you get a lot of alerts. The other way to use WordFence is reactive. If there’s a virus or malware on the site, WordFence will scan the site and tell you what doesn’t belong.
WordFence Installation
So once you install, it says Free License Installed. Go to Dashboard. You’ll see a bunch of stuff. They have this tutorial that’ll link you through it. But the most important pieces are Firewall. You can block countries, entire countries. You can block IP ranges, user agents, referrers, host names, all these things.
Scanning with WordFence
This is where you can scan your site. It looks at all core files, all plugin files and compares them against what it knows to be true. It’ll go through your site and at the end, it’ll send you an email. It’ll also update this screen with a bunch of things saying there’s something on your site that you have to delete or it’ll give you the option or your site’s clean and you’re good to go.
Live Traffic and 2FA
There are live traffic options which show you people requesting, what time they’re visiting. This is more so you can identify if there’s something shady going on on your site. You can also look them up by their IP. There’s also 2FA (two-factor authentication). You’d scan this with Google Authenticator and then every time you try to log into the site, you have to log into Google Authenticator and enter the code or paste it if it’s on Bluetooth.
Open Issues in Plugins
What if there is a problem with WordFence or others? What we really want to talk today is about open issues inside of plugins. Each plugin that’s on WordPress can be, but usually is developed by somebody like an external developer, a company or something. Some of them are not, there’ll be WordPress plugins that are developed by automatic, which is the company that owns WordPress.
Plugin Support and Forums
When there’s issues that arise, which are frequent, I would say WordPress is a very stable thing, but sometimes when there’s major releases or major updates in plugins or themes, a lot of stuff breaks. You do have to go into these plugins, hopefully on staging or local, and solve that issue before it doesn’t work on the site. On the plugin page itself, you’ll see a link here that goes right to the repo. This is where all plugins and themes are stored that are within WordPress.
Troubleshooting
On here, you can find support forums. When there’s an issue, this is the first place I would go to. If a white screen of death, or if you see something weird, you can find it and see the replies too. This is a great tip to just know that this exists. Open issues, check support, because a lot of the times when we’re having any type of issue, we’re going to first check any forums or support channels to see what is the most recent issue that they’re having. Is it a common error that is happening?
Final Thoughts
So that is WordFence. Easy to install. I would say essential.